Personal Coding Projects

07 Feb 2022 - NW

The project list on my resume has been getting kind of long recently and it’s a bit difficult to decide what I should keep and what should go. I also can’t exactly link to the repo list in GitHub since that contains a lot of uninteresting forks that I needed for PR’s or things like that. So this post is just a list of things that I think are interesting but may have not made it on to my resume (in no particular order).

GoLang

• liquidswards – Know, don’t guess, who can access what (IAM Roles).
• lq – An exactly once, in-order queue that delivers both past and future messages to all subscribers.
• UserDataSwap – Example of how an attacker might swap user data temporarily to execute arbitrary commands
• ditto – Mimic any command
• EC2FakeImds – Spoofing IMDS for nodes in a VPC. PoC based on https://blog.ryanjarv.sh/2020/10/19/imds-persistence.html
• cli-hijacker – Fork of aws-vault for the cli-hijacker PoC.
• coderun – Running scripts in an isolated environment should be stupid easy.
• dockersnitch – Like little snitch but for docker
• gocash – Redis like cashier service in GoLang
• RhinoSecurityLabs/amazon-ssm-agent – Fork of amazon-ssm-agent that can run as any user in parallel with the official service.

Python

• dsnap – Utility for downloading and mounting EBS snapshots using the EBS Direct API’s
• marionette – Active/Passive UserData swap PoC
  • This is a rewrite of UserDataSwap which solves some issues that came up in practice.
• steampipe_alchemy – SQLAlchemy wrapper around Steampipe.
• aws_session_recorder (Python) – AWS session that records discovered resources to a database
• awsconfig – AWS Config rules for non-default IMDS routes (partially obsolete)
• nettomidi – Net -> MIDI (Listen to your network!)
• pingscan – Messing around with sockets
• msh – Multivac Shell

Other

• randrust – Rust HTTP server that returns random bytes encoded with base64
• puppet-randrust – Puppet module for randrust
• minecraft_server – Chef repo for creating a Minecraft server in AWS
• awesome-cloud-sec – Awesome list for cloud security related projects.

Maintainer and Significant Contributor

• Pacu – The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
• CloudGoat – CloudGoat is Rhino Security Labs’ “Vulnerable by Design” AWS deployment tool
• sous-chefs/varnish – Chef Development repository for the varnish cookbook

Related Posts

• 16 Mar 2022 » Bypassing CDN WAF's with Alternate Domain Routing
• 04 Dec 2020 » Deja Vu in the Cloud
• 27 Nov 2020 » Backdooring User Data